About tameri

tameri · 03-13-2024

Zeek(used to be Bro) is an open-source Network Security Monitor that can be used for Detection System and network traffic analysis framework. Zeek can generate real-time alerts, data logging for further investigation, and automatic program execution ...

tameri · 03-04-2024

This post is a continuation of Part 1 - Evaluating Security Stack Resilience against Attack use cases - a suggested framework. The following photos will show some of the use cases (or playbooks) that demonstrate how Mandiant Security Validation (MSV)...

tameri · 02-12-2024

The suggest Security Assessment Framework outlined here provides a structured approach to evaluate the resilience of a security stack against various specified attack use cases, such as malware delivery, command and control (CnC) communication, and l...

tameri · 04-03-2024

Hi @srijankafle , you can archive by using ingestion notifications , you can find it here https://cloud.google.com/chronicle/docs/ingestion/ingestion-notifications-for-health-metrics

tameri · 03-25-2024

@ev13 , user guideline can be found here https://cloud.google.com/chronicle/docs/administration/feed-managementWhen you add ThirdParty API, you select Workday and then in the next box you fill the necessary information for authentication

tameri · 03-22-2024

@Cyber_Chief1999 , have a look at "Google Chronicle - Chronicle Alerts Connector" , I think it meets your requirements. (https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/google-chronicle#chronicle-alerts-connector) in SOAR, you c...

tameri · 03-20-2024

@ravivittal , sure you can use the same for Sharphound or any other tools These URLs are sample to guide and inspire you when write rules specific for your use cases. Regards

tameri · 03-18-2024

Hello @ravivittal ,Yes, the premises you've outlined for detecting SharpHound and credential dumping activities are generally correct and represent a common approaches in identifying these tools.here, you can find some examples that you can use as gu...

My Stats

tameri's Bio

Badges tameri Earned

Recent Activity

Chronicle Search-Zeek A Quick Reference

Part 2 - Evaluating Security Stack Resilience against Attack use cases - a suggested framework

Part 1 - Evaluating Security Stack Resilience against Attack use cases - a suggested framework

Re: Alert for silent log source

Re: Workday Integration to Chronicle SIEM

Re: UDM Search to find triggered alerts

Re: Hacking Tools - SharpH0und, Cred Dumping, etc.

Re: Hacking Tools - SharpH0und, Cred Dumping, etc.